Thanks for the above links guys, I was able to compile some very useful information using the above guides.

Can somone tell me whether it is possible to detect the source (geographically) of a threat that is prevented within SEP? Therefore the possibility of informing us where the threat is coming from (I appreciate that proxies may distort this information but any info would be a help).